-name:elb-ssl-whitelistdescription:|HTTPS/SSL ELBs should only have whitelisted ciphers/protocolsresource:elbmode:type:cloudtrailevents:-CreateLoadBalancer-CreateLoadBalancerPolicy-SetLoadBalancerPoliciesOfListenerfilters:-type:ssl-policywhitelist:&POLICY-Protocol-TLSv1-Protocol-TLSv1.1-Protocol-TLSv1.2actions:-type:set-ssl-listener-policyname:CustodianEnforcedPolicyattributes:*POLICY